Red alert: Virus attacks mass!

A huge wave of the Storm Worm worm variant is flooding Internet users' mailboxes around the world in the helpless, unaware of many security applications. Of the 31 antivirus programs tested, only 4 identified

A huge wave of the Storm Worm worm variant is flooding Internet users' mailboxes around the world in the helpless, unaware of many security applications.

Of the 31 antivirus programs tested, only 4 have identified this virus.

Security firm Postini said in just 24 hours it had recorded about 55 million emails containing viruses, which is 60 times higher than the average of the previous day.

The first batch of emails has a romantic title like " A gentle kiss " or " I dream about you ", but in the next round, hackers try to deceive users with headlines that are as alert as " New Deep Alarm! "," New Virus Alarm! ". Many victims thought they were infected with the worm and needed to run the attachment in the email to patch the hole without knowing it was the virus itself.

Foolish security applications

At 2:30 pm (US time), a PC World reporter uploaded the above attachment to Virustotal.com, a website that uses a lot of different antivirus programs to scan uploaded files. Of the 31 applications tested, only 4 - ClamAV, eSafe, Kaspersky and Symantec - announced that this is a virus.

Red alert: Virus attacks mass! Picture 1Red alert: Virus attacks mass! Picture 1 Source: Infotech According to Postini, when double-clicking on an attachment, users will release a sophisticated, sophisticated malware attack.

First, a rootkit program will try to disguise, masking malware from escaping from both the human and antivirus software scans. Later, Storm Worm will try to disable antivirus applications. Next, it will connect to a P2P network designated by the hacker. Through this P2P network, the Storm Worm worm will receive commands and directives such as downloading malware to the computer, sending spam or stealing personal data .

Finally, in order to spread more widely, Storm Worm will search the email address inside the victim computer and send mail to all these addresses. It knows how to automatically change the subject line, attachment name and identity features to fool, bypass security applications.

A hurricane

As its name suggests, Storm Worm has been storming, raging in the world Internet community since the beginning of the year.

First discovered in January, Storm Worm was named after its most popular subject line, " 230 people died after the storm swept Europe ".

Storm Worm created its own virtual storm with 42,000 different variants within 12 days. This huge number of variants is supposed to fool traditional virus detection tools, working on a comparison mechanism of each variant with an existing database, thereby concluding that it is a good virus. is not.

To ensure your own safety before this boom, users have to learn to be most careful about any email attachments, even if they are sent from someone you know. Also, make sure your antivirus software is up to date.

While most antivirus applications today miss some variants, security companies will quickly update their databases as soon as they are alerted.

Trong Cam

5 ★ | 1 Vote